This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

How do I exclude URLs?

Dec 14th, 2004, 04:17 PM

I'm using good ol' container-managed authentication and migrating to Acegi. I'm protecting *.html in my web.xml and I allow some URLs to pass through using a <security-constraint> with no <auth-contraint>:

After reading many posts on this forum and seeing the "anonymous" user approach, I gave it a whirl. I got it to work, but I had to write quite a bit of code to do something that should be simple. So I scrapped it and hacked Acegi a bit to allow excluded URLs. Below is a patch that allows you to exclude URLs in your context file with the following syntax: